Advisory ID: ngCERT-2025-110010
SUMMARY
ngCERT alerts on escalating financial cyber-enabled scams by organised criminal networks targeting global financial systems. These scams are perpetuated by leveraging advanced technology and social engineering tactics, aimed at gaining illegal financial proceeds. In 2024 alone, global scam operations resulted in over $16.6 billion in losses to US victims, a 33% increase from the previous year, with Transnational Crime Organisations (TCOs) in Southeast Asia playing a central role. These networks employ forced labour in scam centres, AI-driven impersonation, and cryptocurrency laundering to target individuals and institutions. Recent international operations have led to thousands of arrests and asset seizures, but the threat persists, driven by high profits estimated at $3 trillion annually and evolving tactics. The severity, frequency and complexity of these scams underscore the need for individuals and financial institutions to implement proactive measures to safeguard their lives and systems.
Damage: Critical
Probability: High
Platform(s): Financial Systems
DESCRIPTION
These criminal networks operate like multinational corporations, establishing scam centres in regions with weak governance, such as Southeast Asia, where they coerce trafficked individuals into perpetrating fraud through debt bondage and violence. Key tactics include:
- Romance Baiting and Pig-Butchering Scams: Fraudsters build trust through dating apps or social media, posing as romantic interests or friends, then lure victims into fake cryptocurrency or investment platforms. Once invested, scammers drain funds, often using "USDT Token Approval Scams" where victims unknowingly grant wallet access through phishing links.
- Phishing and Impersonation: Mass phishing campaigns mimic banks or executives in Business Email Compromise (BEC) schemes, tricking users into transferring funds or credentials. Additionally, AI is utilised to enhance deep fakes for voice/video calls.
- Money Laundering through Mule Networks: Nearly 2 million money mule accounts were reported in 2024, where recruited individuals (often scam victims themselves) launder illicit proceeds through legitimate financial channels, including virtual asset service providers (VASPs).
- Investment and E-Commerce Fraud: Fake online shopping sites or high-yield investment promises exploit economic vulnerabilities, with proceeds funnelled through stablecoins like Tether (USDT).
CONSEQUENCES
The ramifications of these scams are highlighted as follows:
- Economic Losses.
- Human Exploitation.
- Systemic Risks.
- Psychological and Societal Harm.
SOLUTION/MITIGATION
ngCERT recommends that financial institutions should:
- Launch public campaigns to educate users on spotting romance scams, fake investments, and phishing while promoting 2FA and transaction cool-off periods.
- Deploy AI-powered behavioural biometrics and fraud detection systems to identify and block money mule accounts.
- Use advanced technology like deep fake detection tools and real-time wallet monitoring, combined with cross-sector intelligence sharing, to disrupt scams early.
- Tighten KYC/AML rules for high-risk transactions and conduct coordinated international operations against scam call centres.
- Encourage immediate reporting of all cyber-scam incidents to ngCERT and relevant agencies for rapid response.
- Establish easy-to-access victim hotlines, fund recovery pathways, and train bank staff to engage coerced money mules instead of prosecuting them.
HYPERLINK
- https://www.biocatch.com/press-release/nearly-two-million-money-laundering-accounts-reported-in-2024
- https://www.interpol.int/en/News-and-Events/News/2024/USD-257-million-seized-in-global-police-crackdown-against-online-scams
- https://www.moodys.com/web/en/us/kyc/resources/insights/how-organized-crime-networks-operate-financial-scams.html
- https://www.interpol.int/en/News-and-Events/News/2024/INTERPOL-Financial-Fraud-assessment-A-global-threat-boosted-by-technology